Google recently deployed a patch for a zero-day vulnerability discovered in its Chrome browser. This flaw, the eighth of its kind in 2025, is actively exploited by malicious actors. The tech giant urges its users to update their browser promptly to ensure their online security.
The 3 must-know facts
- Google has fixed a new zero-day vulnerability, the eighth of the year, in its Chrome browser.
- The flaw originates from LibANGLE, an open-source library, and can lead to arbitrary code execution.
- The update is already available for Windows, macOS, and Linux, and can be installed manually if necessary.
Zero-day vulnerability: a major risk
The zero-day vulnerability recently identified in Chrome, referenced under number 466192044, is currently being exploited, making it an immediate threat to users. The specific details of this flaw remain confidential until the majority of users have updated their browser.
This vulnerability is located in LibANGLE, an open-source library used by Chrome. The issue stems from a buffer overflow in Metal rendering, caused by an incorrect calculation of memory size. This can lead to browser crashes, data leaks, or even the execution of malicious code.
An update necessary for security
Google quickly released an update to counter this threat. Available for Chrome Stable users on Windows, macOS, and Linux, this update aims to secure systems against potential attacks. Although the patch is being rolled out, a manual process is possible via the Help menu, then About Google Chrome, for those who wish to install it immediately.
Google strongly recommends all users update their browser as soon as possible. This precaution is all the more important as Chrome remains a prime target due to its popularity and the complexity of its ecosystem.
A busy year for Google
In 2025, Google has been particularly solicited to fix zero-day vulnerabilities. Besides the latest one, the company has already deployed patches in June and September. These vulnerabilities highlight the importance for users to keep their software up to date to protect against cyber threats.
Google continues to work actively to identify and fix security flaws, thus demonstrating its commitment to protecting its users.
Context on zero-day vulnerabilities
Zero-day vulnerabilities are security flaws in software that are exploited by cybercriminals before the software developer can release a patch. These flaws are particularly dangerous as they can be used to access systems, steal information, or install malware without the user’s knowledge. The importance of quickly fixing these vulnerabilities cannot be underestimated, as they pose a direct threat to the security of users worldwide.